
Success Story MAN Financial Services

Lean Authorization Structures Through Business Role Modelling at MAN Financial Services

How MAN FS uses business role modeling and SoD controls to automate access, enforce compliance, and streamline authorization processes.

Regulated IAM at Scale

As a financial institution, MAN Financial Services (MAN FS) is subject to strict regulatory requirements. A key compliance obligation is the ability to demonstrate at any time who has which access rights across the organization. 

Given the volume of daily changes caused by onboarding, transfers, and offboarding, secure and lean Identity & Access Management (IAM) has become essential. MAN FS needed a solution that could enforce minimum-access principles, support SoD controls, and provide audit-ready documentation without adding complexity. 

To meet these requirements, MAN FS implemented NEXIS 4 to model and manage access rights as structured business roles - reducing administrative overhead while ensuring compliance.

Bundling Authorizations. Enforcing SoD.

The goal was to implement IAM processes capable of meeting all regulatory demands. By modeling access as business roles, it became easier to grant entitlements for individual employees, teams, or entire departments. Embedded segregation of duties (SoD) rules ensure regulatory compliance is maintained at all times.

Remark by MAN FS: “We’re one of the winners!” 

Within the VW corporation, we took part in a global IT project competition with this project in 2020. The projects that qualified to participate were assessed by internal experts based on relevance, duration, scope and ultimately, of course, success. Despite the regulatory theme of our project in the midst of projects on optimization and increasing cost efficiency, our clear approach won us third place out of over 64 projects submitted.

Alexander Rosener
Project Manager IAM, MAN Financial Services

From Lightweight Concept to Central Governance Layer

Before the project, IAM at MAN FS operated without a technical platform. The aim wasn’t to introduce a heavyweight suite, but rather a flexible, scalable solution to automate complex access processes already in place. 

Following a successful proof of concept, NEXIS 4 was introduced to:

  • Model and monitor business roles based on minimum-access principles (requirement of BaFin)
  • Map existing approval workflows and enforce embedded SoD rules
  • Deliver business roles across departments in a short timeframe

Designing for Simplification and Automation

Together, the project team defined and rolled out a series of automation-first IAM practices: 

  • Business role modeling through NEXIS 4 replacing Excel-based role management 
  • SoD enforcement across 15,000+ entitlements using rule-based controls and compensating measures 
  • Semi-annual recertification cycles, fully automated with task-specific UI and visual instructions 
  • Workflow-driven role changes involving business units and IT without media breaks 
  • REST API-based integration with MAN FS’s ticketing system for automated role assignment/removal

Connecting Data Sources in Hours, Not Weeks

All relevant data sources - including SQL, LDAP, and SAP - were connected using NEXIS 4’s standard connectors, enabling fast deployment. 

Business role workflows and SoD rules were fully configured in NEXIS 4. The REST API was used to link the system to MAN FS’s ticketing platform, ensuring seamless end-to-end automation of access provisioning.

Business Role Modeling with Built-In Compliance

  • Regulatory-compliant business role structures for secure access assignments
  • Fast, automated handling of joiner/mover/leaver processes
  • Internal and external audits confirmed full alignment with regulatory requirements

About MAN

As a financing company, MAN Financial Services supports the MAN Truck & Bus customers and thus the sales volume of the commercial vehicle manufacturer as well. The MAN Financial Services service portfolio includes local and international finance, leasing and insurance solutions for MAN Truck & Bus commercial vehicles. MAN Financial Services is a subsidiary of Volkswagen Leasing GmbH at the Munich site. MAN Financial Services has been part of Europe’s largest automotive financial service company, Volkswagen Financial Services AG, and thus one of the companies forming the Volkswagen Group since 2014.
